package com.example.uCenter.utils;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.exceptions.TokenExpiredException;
import com.auth0.jwt.interfaces.DecodedJWT;

import java.util.Date;

/**
 * hhl
 * TOKEN工具类
 */
public class JwtTokenUtil {
    //定义token返回头部
//    public static final String AUTH_HEADER_KEY = "Authorization";
    //token前缀
//    public static final String TOKEN_PREFIX = "Bearer ";
    //签名密钥
//    public static final String KEY = "q3t6w9z$C&F)J@NcQfTjWnZr4u7x";
    //有效期默认为7天
    public static final Long EXPIRATION_TIME = 1000L * 60 * 60 * 24 * 7;
    //    测试一分钟
//    public static final Long EXPIRATION_TIME= 1000L*60;

    /**
     * 创建TOKEN
     *
     * @param content
     * @return
     **/
    public static String createToken(String content) {
        try {
            Algorithm algorithm = Algorithm.HMAC256("secret");
            String token = JWT.create()
                    .withSubject(content)
                    .withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
                    .sign(algorithm);
            return token;
        } catch (JWTVerificationException exception) {
//            throw new Exception("无效的签名",exception);
            return "无效的签名" + exception;
        }
//        TOKEN_PREFIX + JWT.create().withSubject(content).withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION_TIME)).sign(Algorithm.HMAC512(KEY))
    }


    /**
     * 验证token
     *
     * @param token
     */
    public static String verifyToken(String token) {
//        try {
//            return JWT.require(Algorithm.HMAC512(KEY)).build().verify(token.replace(TOKEN_PREFIX, "")).getSubject();
//        } catch (TokenExpiredException e) {
//            throw new Exception("token已失效，请重新登录", e);
//        } catch (JWTVerificationException e) {
//            throw new Exception("token验证失败！", e);
//        }
        try {
            Algorithm algorithm = Algorithm.HMAC256("secret");
            JWTVerifier verifier = JWT.require(algorithm)
                    .build();
            DecodedJWT jwt = verifier.verify(token);
            return jwt.getSubject();
        } catch (TokenExpiredException exception) {
            return "token验证已失效" + exception;
        } catch (JWTVerificationException exception) {
            return "token验证失败" + exception;
        }
    }
}
